|
1 | 1 | /****** |
2 | 2 | * name: arkenfox user.js |
3 | | -* date: 06 April 2021 |
4 | | -* version 88-alpha |
| 3 | +* date: 23 April 2021 |
| 4 | +* version 88 |
5 | 5 | * url: https://github.com/arkenfox/user.js |
6 | 6 | * license: MIT: https://github.com/arkenfox/user.js/blob/master/LICENSE.txt |
7 | 7 |
|
@@ -1163,17 +1163,18 @@ user_pref("webchannel.allowObject.urlWhitelist", ""); |
1163 | 1163 | * [3] CVE-2017-5383: https://www.mozilla.org/security/advisories/mfsa2017-02/ |
1164 | 1164 | * [4] https://www.xudongz.com/blog/2017/idn-phishing/ ***/ |
1165 | 1165 | user_pref("network.IDN_show_punycode", true); |
1166 | | -/* 2620: enforce Firefox's built-in PDF reader [SETUP-CHROME] |
| 1166 | +/* 2620: enforce PDFJS, disable PDFJS scripting [SETUP-CHROME] |
1167 | 1167 | * This setting controls if the option "Display in Firefox" is available in the setting below |
1168 | 1168 | * and by effect controls whether PDFs are handled in-browser or externally ("Ask" or "Open With") |
1169 | 1169 | * PROS: pdfjs is lightweight, open source, and as secure/vetted as any pdf reader out there (more than most) |
1170 | | - * Exploits are rare (1 serious case in 4 yrs), treated seriously and patched quickly. |
| 1170 | + * Exploits are rare (one serious case in seven years), treated seriously and patched quickly. |
1171 | 1171 | * It doesn't break "state separation" of browser content (by not sharing with OS, independent apps). |
1172 | 1172 | * It maintains disk avoidance and application data isolation. It's convenient. You can still save to disk. |
1173 | 1173 | * CONS: You may prefer a different pdf reader for security reasons |
1174 | 1174 | * CAVEAT: JS can still force a pdf to open in-browser by bundling its own code (rare) |
1175 | 1175 | * [SETTING] General>Applications>Portable Document Format (PDF) ***/ |
1176 | 1176 | user_pref("pdfjs.disabled", false); // [DEFAULT: false] |
| 1177 | +user_pref("pdfjs.enableScripting", false); // [FF86+] |
1177 | 1178 | /* 2621: disable links launching Windows Store on Windows 8/8.1/10 [WINDOWS] ***/ |
1178 | 1179 | user_pref("network.protocol-handler.external.ms-windows-store", false); |
1179 | 1180 | /* 2622: enforce no system colors; they can be fingerprinted |
|
0 commit comments